package com.wwwc.admin.web.servlet;

import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.util.*;
import java.sql.SQLException;

import com.wwwc.admin.web.database.*;

public class adminDatabaseManagerQuery extends HttpServlet {

    public void doPost(HttpServletRequest request, HttpServletResponse response)
    {
	try {
	    response.setContentType("text/html");
	    
	    String user_ip       = request.getRemoteAddr();
	    HttpSession session  = request.getSession(true);
	    PrintWriter out      = response.getWriter();
	    out.println("<BR>adminDatabaseManagerQuery<BR>");	    
	    ResourceBundle config = (ResourceBundle)session.getAttribute("Configuration");
	
	    if (config == null) {
		return;
	    }

	    String local_ips = config.getString("3wcenter.local_ips");
	    if(user_ip==null || !user_ip.startsWith(local_ips)) {
		System.out.println("adminDatabaseQuery:Error:101");
		return;
	    }

	    String call_path = request.getContextPath()+request.getServletPath();
    
	    String action     = request.getParameter("action");
	    String database   = request.getParameter("database");	
	    String table_name = request.getParameter("table_name");
	    out.println(DebugBean.getInputs("Query=",request));
	    if(action==null || database == null) {
		RequestDispatcher rd = request.getRequestDispatcher(call_path+"?mid=1"); 
		rd.forward(request,response);
	    }

	    String db_url    = config.getString("3wcenter.database."+database+".db_name");
	    String db_driver = config.getString("3wcenter.database."+database+".driver_name");
	    String db_user   = config.getString("3wcenter.database."+database+".user_name");
	    String db_pass   = config.getString("3wcenter.database."+database+".pass_word");
	
	    Database db = new Database ();
	    db.setDataBaseName(db_url);
	    db.setDriverName(db_driver);
	    db.setUserName(db_user);
	    db.setPassword(db_pass);

	    String query = (String)request.getAttribute("query");

	    if(query == null) {
		query = request.getParameter("query_form");
	    }

	    if(query == null) {
		out.println("adminDatabaseManageQuery Error[101]");
		return;
	    }

	    int result = -1;
	    String emessage = null;

	    if(action.equals("add_record")) {
		result = db.insert(query);

		if(result==1) {
		    RequestDispatcher rd = request.getRequestDispatcher(call_path+"?mid=2&action=view_edit_record"); 
		    rd.forward(request,response);
		}
		else {
		    out.println("<HTML><HEAD><TITLE></TITLE></HEAD><BODY><CENTER>");
		    out.println("<H3>Please check your SQL statement</H3>");
		    out.println(db.getMessage());
		    out.println("<FORM method=post action="+call_path+">");
		    out.println(queryForm(query));
		    out.println("<input type=hidden name=action value=add_record>");
		    out.println("<input type=hidden name=database value="+database+">");
		    out.println("<input type=hidden name=table_name value="+table_name+">");
		    out.println("<input type=hidden name=mid value=2>");
		    out.println("</FORM>");
		    out.println("</CENTER></BODY></HTML>");
		}
		return;
	    }

	    if(action.equals("update_record")) {
		result=db.update(query);

		if(result == 1) {
		    RequestDispatcher rd = request.getRequestDispatcher("adminDatabaseManagerTable?action=view_edit_record"); 
		    rd.forward(request,response);
		}
		else {
		    out.println("<HTML><HEAD><TITLE></TITLE></HEAD><BODY><CENTER>");
		    out.println("<H3>System can't update this record, please check your SQL statement</H3>");
		    out.println("<FORM method=post action=adminDatabaseManagerQuery>");
		    out.println(queryForm(query));
		    out.println("<input type=hidden name=action value=update_record>");
		    out.println("<input type=hidden name=database value="+database+">");
		    out.println("<input type=hidden name=table_name value="+table_name+">");
		    out.println("</FORM>");
		    out.println("</CENTER></BODY></HTML>");
		}
		return;
	    }

	    if(action.equals("delete_record")) {
		result=db.delete(query);
		if(result==1) {
		    RequestDispatcher rd = request.getRequestDispatcher("adminDatabaseManagerTable?action=view_edit_record"); 
		    rd.forward(request,response);
		}
		else {
		    out.println("<HTML><HEAD><TITLE></TITLE></HEAD><BODY><CENTER>");
		    out.println("<H3>System can't delete this record, please check your SQL statement</H3>");
		    out.println("<FORM method=post action=adminDatabaseManagerQuery>");
		    out.println(queryForm(query));
		    out.println("<input type=hidden name=action value=delete_record>");
		    out.println("<input type=hidden name=database value="+database+">");
		    out.println("<input type=hidden name=table_name value="+table_name+">");
		    out.println("</FORM>");
		    out.println("</CENTER></BODY></HTML>");
		}
	    }
	    return;
	}
	catch (IOException e) {
	    return;
	}
	catch(ServletException e) {
	    return;
	}
	catch (Exception e) {
	    return;
	}
    }

    public void doGet(HttpServletRequest request, HttpServletResponse response)
    {
	doPost(request, response);
    }

    private StringBuffer queryForm (String query) {
	StringBuffer sbf = new StringBuffer();
	sbf.append("<TABLE border=1 cellSpacing=0 cellPadding=0 style='font-size: 8pt' width=100%>");	  
	sbf.append("<TR><TD>");
	sbf.append("<TEXTAREA name=query_form rows=5 cols=100>"+query);
	sbf.append("</TEXTAREA></TD>");
	sbf.append("</TR>");
	sbf.append("</TABLE>");
	sbf.append("<input type=submit value=Submit>");
	return sbf;
    }
}








